Custom REST API -- Tips, Best Practices, Examples, etc.?

Which IIQ version are you inquiring about?

8.4p3

We are looking to add some custom REST APIs to our IdentityIQ deployment to allow other applications and services within the company to request AD group creation, submit access requests, etc. Can anyone point me to any good resources with examples, best practices, etc. for doing this? We’re primarily concerned about the security around these services, so we want to make sure we’re following best practices for IIQ in that regard. I’ve found a couple of very short documentation resources (<1 page) that talk about how to implement them, but nothing substantial. Are there any official guides from SailPoint? Code examples?

Hi @sdnakhla, we have 20 custom REST resources with ~200 endpoints in total.

It is not difficult. For security, each endpoint typically starts with a call like:

authorize(new RightAuthorizer("Custom SPRight Name"));

You want to define a custom SPRight to control access to the endpoint(s).

Hi @sdnakhla

What I have understood from your problem statement is that you need a custom REST API through which you can manage access requests and applications.

In this scenario, you can build a custom plugin for IIQ and create custom endpoints to submit those requests and call the workflow to do the provisioning.

Let me know if I have misunderstood anything.

Thanks
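The two replies above describe gating each endpoint with a custom SPRight and handing the request to a workflow. The following sketch combines them as an added example; it is not code from either poster or from SailPoint. Assumptions: the class is written against `sailpoint.rest.BaseResource` (not as a plugin resource) with the `javax.ws.rs` annotations, it is already registered with IIQ's REST application, and the right name, workflow name, path, JSON field and name pattern are all hypothetical.

```java
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import java.util.regex.Pattern;
import javax.ws.rs.Consumes;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import sailpoint.api.Workflower;
import sailpoint.authorization.RightAuthorizer;
import sailpoint.object.WorkflowLaunch;
import sailpoint.rest.BaseResource;
import sailpoint.tools.GeneralException;

@Path("custom/adgroups") // hypothetical path
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
public class AdGroupRequestResource extends BaseResource {
    // Hypothetical names: define the SPRight and the workflow in your own deployment.
    private static final String RIGHT = "CustomAdGroupRequest";
    private static final String WORKFLOW = "Custom AD Group Create";
    private static final Pattern GROUP_NAME = Pattern.compile("[A-Za-z0-9][A-Za-z0-9 _-]{2,62}");

    @POST
    public Response requestGroup(Map<String, Object> body) throws GeneralException {
        // Authorization is the first statement: it throws if the caller lacks the right.
        authorize(new RightAuthorizer(RIGHT));

        // Reject anything that is not a plain, bounded group name before it reaches a workflow.
        Object name = (body == null) ? null : body.get("groupName");
        if (!(name instanceof String) || !GROUP_NAME.matcher((String) name).matches()) {
            return Response.status(Response.Status.BAD_REQUEST).build();
        }

        // Take the requester from the authenticated session, never from the request body.
        Map<String, Object> vars = new HashMap<>();
        vars.put("groupName", name);
        vars.put("requester", getLoggedInUserName());

        WorkflowLaunch launch = new WorkflowLaunch();
        launch.setWorkflowRef(WORKFLOW);
        launch.setCaseName("AD group request: " + name);
        launch.setVariables(vars);
        launch = new Workflower(getContext()).launch(launch);

        return Response.accepted(Collections.singletonMap("status", launch.getStatus())).build();
    }
}
```

Grant the right only through a capability assigned to the identities that are meant to call this endpoint, so a caller who can authenticate but lacks that capability is still refused.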

Are there any guides that talk about authenticating the client? I haven’t seen that anywhere.

Check if this article helps get your queries answered.